Sorting out IIS Security through ASP

Results 1 to 2 of 2

Thread: Sorting out IIS Security through ASP

  1. #1
    Join Date
    Dec 1969

    Default Sorting out IIS Security through ASP

    I want to give trusted users (users on our own networks) access to a live site (browsed by internet people) so that they can update information without constantly having to come through us (the web team).<BR><BR>My initial idea was to use challenge/response, anonymous users return AUTH_USER = "" so they wouldn&#039;t ever have access to the sensitive bits.<BR><BR>Problem is that giving access to anonymous users overrides challenge/response, essentially everyone is treated as an anonymous user and IIS never thinks to query the users credentials. So nobody ever gets access to the sensitive areas...<BR><BR>Does anybody know of any workarounds? I don&#039;t want to use more login prompts, our users have to remember too many passwords as it is... I want it to detect them invisibly.<BR><BR>Any help appreciated.

  2. #2

    Default RE: Sorting out IIS Security through ASP

    You will need to set the permisions of the files on disk, when ANON access fails for those pages a challenge/response should happen.<BR><BR>-A

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts